nerdexam
EC-Council

312-50V10 · Question #308

What is the best defense against privilege escalation vulnerability?

The correct answer is C. Run services with least privileged accounts and implement multi-factor authentication and. The best defense against privilege escalation combines least-privilege service accounts with multi-factor authentication to limit and verify elevated access.

System Hacking

Question

What is the best defense against privilege escalation vulnerability?

Options

  • APatch systems regularly and upgrade interactive login privileges at the system administrator level.
  • BRun administrator and applications on least privileges and use a content registry for tracking.
  • CRun services with least privileged accounts and implement multi-factor authentication and
  • DReview user roles and administrator privileges for maximum utilization of automation services.

How the community answered

(59 responses)
  • A
    14% (8)
  • B
    5% (3)
  • C
    71% (42)
  • D
    10% (6)

Why each option

The best defense against privilege escalation combines least-privilege service accounts with multi-factor authentication to limit and verify elevated access.

APatch systems regularly and upgrade interactive login privileges at the system administrator level.

Patching alone is useful but 'upgrading interactive login privileges at the system administrator level' directly contradicts least-privilege principles and increases the escalation risk.

BRun administrator and applications on least privileges and use a content registry for tracking.

A 'content registry for tracking' is not a recognized security control against privilege escalation and does not restrict what a compromised account can do.

CRun services with least privileged accounts and implement multi-factor authentication andCorrect

Running services and processes under least-privileged accounts minimizes the damage an attacker can cause if they compromise a service, because the account has no unnecessary rights to escalate from. Adding multi-factor authentication ensures that even stolen credentials cannot be used alone to authenticate into higher-privilege contexts. Together these controls address both the attack surface and the authentication vector most commonly exploited in privilege escalation.

DReview user roles and administrator privileges for maximum utilization of automation services.

'Maximum utilization of automation services' has no direct security benefit and does not address the access control weaknesses that enable privilege escalation.

Concept tested: Least privilege and MFA defense against privilege escalation

Source: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implementing-least-privilege-administrative-models

Topics

#privilege escalation#least privilege#multi-factor authentication#defense hardening

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice